add sanity check on serial size

This commit is contained in:
Jacob Barthelmeh
2021-03-25 22:59:14 +07:00
parent 9ea60db80a
commit b4c0301f57

View File

@@ -41269,9 +41269,11 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl)
WOLFSSL_MSG("Serial size error"); WOLFSSL_MSG("Serial size error");
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;
} }
if ((int)sizeof(cert->serial) < serialSz) {
WOLFSSL_MSG("Serial buffer too small"); if (serialSz > EXTERNAL_SERIAL_SIZE ||
return BUFFER_E; serialSz > CTC_SERIAL_SIZE) {
WOLFSSL_MSG("Serial size too large error");
return WOLFSSL_FAILURE;
} }
XMEMCPY(cert->serial, serial, serialSz); XMEMCPY(cert->serial, serial, serialSz);
cert->serialSz = serialSz; cert->serialSz = serialSz;